HITCON CTF web writeup
https://github.com/orangetw/My-CTF-Web-Challenges

机器学习在安全攻防场景的应用与分析
http://www.freebuf.com/articles/neopoints/152457.html

PROPagate:一种新的代码注入技巧
http://www.hexacorn.com/blog/2017/11/03/propagate-a-new-code-injection-trick-64-bit-and-32-bit/

WordPress Plugin JTRT Responsive Tables 4.1 SQL注入
https://www.exploit-db.com/exploits/43110/

浅谈CTF中命令执行与绕过的小技巧
http://www.freebuf.com/articles/web/137923.html